Podofo Project

Podofo

62 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-5783

Exploit
  • EPSS 0.37%
  • Published 19.01.2018 08:29:00
  • Last modified 21.11.2024 04:09:23

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.

5.5

CVE-2018-5309

Exploit
  • EPSS 0.23%
  • Published 09.01.2018 05:29:00
  • Last modified 21.11.2024 04:08:33

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf...

7.8

CVE-2018-5308

Exploit
  • EPSS 0.29%
  • Published 09.01.2018 05:29:00
  • Last modified 21.11.2024 04:08:33

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via...

5.5

CVE-2018-5296

Exploit
  • EPSS 0.37%
  • Published 08.01.2018 07:29:00
  • Last modified 21.11.2024 04:08:32

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

5.5

CVE-2018-5295

Exploit
  • EPSS 0.37%
  • Published 08.01.2018 07:29:00
  • Last modified 21.11.2024 04:08:32

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

8.8

CVE-2017-8787

  • EPSS 0.45%
  • Published 05.05.2017 07:29:01
  • Last modified 20.04.2025 01:37:25

The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact...

9.8

CVE-2017-8378

  • EPSS 0.35%
  • Published 01.05.2017 01:59:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offset...

5.5

CVE-2017-8054

Exploit
  • EPSS 0.42%
  • Published 22.04.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.

5.5

CVE-2017-8053

Exploit
  • EPSS 0.35%
  • Published 22.04.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).

6.5

CVE-2017-7994

Exploit
  • EPSS 0.65%
  • Published 21.04.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.